Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
11764 commits 9 branches 0 tags 111 MiB
Commit graph

68 commits

Author SHA1 Message Date
Kevin Fenzi
b467a264b2 Drop a extra line that causes a change 2016-01-08 16:32:47 +00:00
Kevin Fenzi
d55a3cb36f Setup a qa-isolated group in the qa net and have all other machines in that net reject anything from them. 
This helps us isolate higher risk qa hosts from lower risk ones without having to move everything to
a different network/vlan for now.
 2016-01-08 16:29:18 +00:00
Dennis Gilmore
1fb2627410 allow the builders to talk o kojipkgs on port 443 
Signed-off-by: Dennis Gilmore <ausil@fedoraproject.org>
 2015-12-09 20:08:09 +00:00
Kevin Fenzi
5e4bb96eb5 Lets sort staging hosts in iptables template too 2015-12-09 18:00:12 +00:00
Dennis Gilmore
312ac98ff5 fedorahosted server moved and we did not update the iptables rules 
Signed-off-by: Dennis Gilmore <ausil@fedoraproject.org>
 2015-12-09 04:26:45 +00:00
Kevin Fenzi
bd72a45ef0 Add closing conditional 2015-12-08 19:36:56 +00:00
Kevin Fenzi
4cbb6d909e Switch builders to use bastion01/02 for ntp 2015-12-08 19:34:58 +00:00
Kevin Fenzi
a5007ba910 Move ntp to a template. In phx2 non bastion01/02 hosts will use bastion01/02 and those will use the normal rhel pools. 2015-12-08 19:33:29 +00:00
Peter Robinson
595c222baf kojibuilder: add ppc hub to firewall 2015-10-13 03:02:45 +00:00
Stephen Smoogen
3be0ca58fa and we have nagios-external 2015-09-01 23:05:58 +00:00
Kevin Fenzi
096a7204a2 Fix out ntp setup to use 5 ip's from the rhel.pool.ntp.org pool. 2015-08-31 16:32:10 +00:00
Ralph Bean
08ca54945c Copy prod fedmsg iptables loop to staging. 2015-08-18 03:47:44 +00:00
Kevin Fenzi
371b97ead5 Fix some typos 2015-08-15 15:27:50 +00:00
Kevin Fenzi
f28aad573d Use fas-all ips instead of name, as dns may not yet be on at boot. 2015-08-15 15:16:03 +00:00
Mikolaj Izdebski
7025200095 Support IPv6 on jenkins 2015-06-26 20:59:11 +00:00
Mikolaj Izdebski
4e593519cc Use custom iptables config for jenkins 2015-06-26 20:47:11 +00:00
Ralph Bean
07667d7ea2 YATypofix. 2015-06-16 19:44:52 +00:00
Ralph Bean
c680e56767 Restore dynamic fedmsg endpoints experiment. 
Revert "Hold off on that.."

This reverts commit 9f5fd276e2.
 2015-06-16 19:21:50 +00:00
Ralph Bean
9f5fd276e2 Hold off on that.. 
This reverts commit 8df675b378.
 2015-06-16 18:58:12 +00:00
Ralph Bean
8df675b378 Toy with dynamically generating fedmsg endpoint config. 2015-06-16 18:57:41 +00:00
Kevin Fenzi
747ff82f95 Add ip address of new c-mode filer so we can actually mount things from it. 2015-06-09 16:59:37 +00:00
Till Maas
e3606ba68e Use more https URLs where possible 2015-06-04 17:20:06 +02:00
Kevin Fenzi
fd04066cf7 Try these ips. 2015-05-03 15:29:09 +00:00
Kevin Fenzi
40b27e57b7 Add serverbeach09 iptables with snat for ns-sb01 2015-05-03 15:19:06 +00:00
Stephen Smoogen
7a0536d0f6 add backup01 files 2015-05-01 20:39:49 +00:00
Dennis Gilmore
43c6b77415 allow builders to talk to compose-x86-01 2015-04-05 13:58:19 +00:00
Dennis Gilmore
0bb6ee731b admin is not admin.phx2 2015-03-24 17:05:20 +00:00
Dennis Gilmore
72f28bac6e add iptables rules so fasclient and 2 facter auth can work 2015-03-24 17:02:13 +00:00
Kevin Fenzi
a424b52e2e Fix vnc on new cloud 2015-03-07 17:30:13 +00:00
Kevin Fenzi
d934cf11ef Fold in new private cloud work from today. Gets things pretty working. 2015-02-28 03:15:15 +00:00
Stephen Smoogen
dfb38ce20f and we add another host on the rebuild pile. 2015-02-18 21:44:31 +00:00
Stephen Smoogen
f77a4809d3 oh silly me.. {{}} matter 2015-02-18 20:59:14 +00:00
Stephen Smoogen
251f52c283 and we have the starts for sb06 2015-02-18 20:43:43 +00:00
Kevin Fenzi
b048ff3883 Add custom serverbeach07 iptables. Will need this for the others too with their secondary ips 2015-02-18 17:19:43 +00:00
Kevin Fenzi
92e8a29f05 Stay 6 2015-02-06 21:39:22 +00:00
Kevin Fenzi
d4248510ab Clean up ipv4 specific stuff and make custom require different rules from ipv4 2015-02-06 21:29:14 +00:00
Kevin Fenzi
80caa9c7bf Fix missing comment 2015-02-06 21:26:02 +00:00
Kevin Fenzi
b6c9760b47 Move this comment into the conditional so it doesn't oddly show up on every host 2015-02-06 21:23:03 +00:00
Kevin Fenzi
8622c15919 Add initial ip6tables to base. 2015-02-06 21:20:11 +00:00
Kevin Fenzi
32a6e5dc7c Adjust firewall to only block phx2 staging hosts in phx2. 2015-01-27 20:46:09 +00:00
Ralph Bean
406de1f785 Do the same for the staging iptables rule. 2015-01-06 20:24:12 +00:00
Ralph Bean
66e4d2f191 Still more whitespace. 2015-01-06 14:29:06 +00:00
Kevin Fenzi
1ba86f9c29 Fix up some spaceing here hopefully. 2014-12-18 15:36:49 +00:00
Ralph Bean
65d2277a3f Let it go... let it goooo.. 2014-12-17 20:23:20 +00:00
Ralph Bean
b3f8810a1d Remove newline. 2014-12-17 20:12:44 +00:00
Ralph Bean
2751db995c First stab at /etc/system_identification. 2014-12-17 20:03:34 +00:00
Stephen Smoogen
663cb1a40c move from log02 to log01 2014-12-06 18:37:27 +00:00
Ralph Bean
1e49aa493d Remove all accelerate-mode knobs and toggles now that pipelining is a go. 2014-11-12 19:15:06 +00:00
Kevin Fenzi
059bed31b9 Still whitespace change o kojibuilder iptables to test last commit 2014-11-08 17:11:25 +00:00
Ralph Bean
2e60797ef4 New "staging-friendly" group to be exempted from staging firewall ban. 2014-10-13 18:22:24 +00:00